210-255 Real Exam Dumps Questions and answers 21-30
Get Full Version of the Exam
http://www.EnsurePass.com/210-255.html
Question No.21
What information from HTTP logs can be used to find a threat actor?
|
A. |
referer |
|
B. |
IP address |
|
C. |
user-agent |
|
D. |
URL |
Correct Answer: B
Question No.22
Which two HTTP header fields relate to intrusion analysis? (Choose two).
|
A. |
user-agent |
|
B. |
host |
|
C. |
connection |
|
D. |
language |
|
E. |
handshake type |
Correct Answer: AB
Question No.23
During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?
|
A. |
collection |
|
B. |
examination |
|
C. |
reporting |
|
D. |
investigation |
Correct Answer: A
Question No.24
A user on your network receives an email in their mailbox that contains a malicious attachment. There is no indication that the file was run. Which category as defined in the Diamond Model of Intrusion does this activity fall under?
|
A. |
reconnaissance |
|
B. |
weaponization |
|
C. |
delivery |
|
D. |
installation |
Correct Answer: C
Question No.25
Which stakeholder group is responsible for containment, eradication, and recovery in incident handling?
|
A. |
facilitators |
|
B. |
practitioners |
|
C. |
leaders and managers |
|
D. |
decision makers |
Correct Answer: D
Question No.26
DRAG DROP
Drag and drop the elements of incident handling from the left into the correct order on the right.
Correct Answer:
Question No.27
Which Security Operations Center#39;s goal is to provide incident handling to a country?
|
A. |
Coordination Center |
|
B. |
Internal CSIRT |
|
C. |
National CSIRT |
|
D. |
Analysis Center |
Correct Answer: C
Question No.28
An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group. Which term defines the initial event in the NIST SP800- 61 r2?
|
A. |
instigator |
|
B. |
precursor |
|
C. |
online assault |
|
D. |
trigger |
Correct Answer: B
Question No.29
Refer to the exhibit. Which application protocol is in this PCAP file?
|
A. |
TCP |
|
B. |
SSH |
|
C. |
HTTP |
|
D. |
SSL |
Correct Answer: D
Question No.30
Which string matches the regular expression r(ege) x?
|
A. |
rx |
|
B. |
regeegex |
|
C. |
r(ege)x |
|
D. |
rege x |
Correct Answer: B
Get Full Version of 210-255 Dumps